Webinar: 2023 Bank failures, lessons learned, how to monitor risk to failed banks expected regulatory reactions etc.
November 2, 2023
SPEAKERS
Kayvan Alikhani, Michael Delune
Introduction
<Moderator>
Good morning, everybody, we’re going to let some people come into the room and we will get started in a couple of minutes with this webinar. Thank you for waiting.
<pause>
Okay, we’re going to get started, so we don’t delay too much. Hello, and welcome to Compliance AI’s webinar: “2023 Bank Failures, Lessons Learned, How to Monitor and Manage Risk and Best Practices” (to do that.) Today, we’re going to be talking to Kayvan Alkhani and Michael Delune, (who we’ll introduce in a moment), but before: a few housekeeping items. If you have any questions during the webinar, please feel free to drop them into the Q&A section of the Zoom webinar chat and we’ll make sure that we get to answer them at the end of the webinar, (if we have some time leftover). If not, we will definitely send you some responses via email. Also, this webinar is being recorded. So, this will be available on demand probably early next week, and you will get a notification that it’s on-demand as well. If there are any other issues or challenges, (you can’t see something here) somebody feel free to send me a note via chat. I see the compliance AI panelist on there, we’ll get started. Today we have Kayvan Alikhani, the co-founder and CSO of Compliance AI (whom we’ve met in previous webinars), and our expert advisor joining us today is Michael Delune, General Counsel and corporate secretary at Manufacturers Bank. They’ll be talking about this year’s bank failures and lessons learned. Kayvan, take it away.
Kayvan Alikhani <Kayvan>
Thank you so much. Ronjini. Let me thank you, Michael, so much for participating in this session-which is (very much) a crisis of the day or maybe (hopefully) a crisis behind us. We’re going to look at the recent bank failures in three different aspects: what actually happened, and what led to the failures, and then look at it from the regulatory perspective. What do we learn looking back? What do we expect to see down the pipe from a regulatory and rulemaking point of view? Last but not least, how do we as an organization, improve our risk posture? What is our risk appetite? What best practices should we follow to reduce or mitigate the risk of these types of failures?
<POLL #1>
With that, starting with the question “Where do we sit today?” Done and done or it’s work that you have in progress. You’re not sure what needs to change or whether those failures were part of your organization’s processes or that you don’t think they apply to you?
Have you changed your risk program as a result of 2023 bank failures?
A. Yes, already implemented. Done.
B. Yes In the works! In progress.
C. Not sure what to change: how do these failures relate to our business?
D. No, we don’t think those failures are related to our company.
<pause for responses>
Moderator
Like 30 seconds. There’s a lot of feedback here. I love it. Think this is a pretty good, pretty good gauge,
Kayvan
All right. Yes, “already implemented/in the works” Is the answer we would expect to see. And, of course, the third one “not sure.” Hopefully, this webinar will shed some light on that. Thank you so much for that, really appreciate it. Michael, looking at what’s happened to some of the international organizations and some in the US, what do you think are the key drivers for these failures?
Michael Delune <Michael>
Yeah, and by the way, on that poll, I was trying to select Yes, and we’re still working on it, I think. I was happy to see that was the majority of responses, because risk management is, of course, an ever-evolving and dynamic cycle. So, whenever we think we’re done, I feel like there’s always more to do after that. In any event, just to kind of set the stage a little bit clearer on looking at 2021, no bank failure. Looking at 2022, no bank failure at all. Then in 2023, all of a sudden, we had the failure of Silicon Valley Bank on around March 10th. Signature Bank almost immediately after that, and then a couple of months after we had the failure of First Republic Bank. Some of those were some of the largest failures in US banking history. I think the First Republic one, in particular, was the second largest bank ever to fail, after Washington Mutual. So needless to say, that sent quite a shock through the banking system. Many people on this call might actually remember, (it’s one of those things that was significant enough that many people might actually remember): where they were and what they were doing when they found out about some of those failures. I do recall that the first question I started to ask myself, which we started to discuss with colleagues was, “Is this a one-off event?” Or is this the beginning of something larger? Having lived through the 2008 crisis, for those of us who have lived through it, I think we have an appreciation for the risk. The systemic risk, the risk of contagion that some of those failures could present. So, really quick in terms of the mechanics- when you look at Silicon Valley Bank’s failure, the bank had invested heavily in Ultra market securities that were accumulating. At the same time, they started to face withdrawals for a number of reasons, including changes in the day-to-day interest rate environment. They had to draw on their available-for-sale securities. Eventually, they had to rebalance their balance sheet as a result of that made capital. When we started to experience deposit flights, many of which were concentrated in similar markets, right? High, uninsured deposit balances somewhat in specialized businesses, venture capitalists, etc. That’s really the commonality between the First Republic failure and the Silicon Valley Bank failure, where there was some measure of concentration in the types of depositors that those banks had. So that’s kind of what happened mechanically there. At first, we felt like it was somewhat of a different story. It was much more a contagion straight from the Silicon Valley Bank failure, which just made depositors quite frankly, a bit nervous. Again, because they had a high concentration and some of those kinds of specialty-type deposits, also uninsured balances. There was just a good old-fashioned bank run and that’s really what brought both of those banks down at the end of the day, was a good old-fashioned bank run. Trying to kind of look under the hood, a little bit. The regulators did issue reports on those bank failures, trying to look at the sequence of events. Trying to look at what were the key drivers (really the root cause of those failures.) In the case of Silicon Valley Bank: there were actually four of them that were cited. The first one is actually the most obvious one. This one relates to risk management practices. I’m actually not even going to dwell on that one too much, because those are kind of well-articulated in the regulatory report and somewhat evident, (especially in hindsight) right, we’re looking at areas of interest, interest rate, risk management, liquidity, management, etc. Which, again, in hindsight, perhaps there was room for improvement. I think that what was much more telling here was the self-criticism that the regulators put on themselves. The supervisors were viewed as not having fully appreciated the risks that these banks were faced with. Also, there was a general sense that the Fed, (based on the report) that the supervisors did not act fast enough when they started to spot issues at the bank. Meaning that they spent too much time kind of deliberating whether something should be an MSII, or there should be a verbal recommendation, etc. At the end of the day, they were kind of stuck in the wrong bureaucracy (and unable to actually act on it). Unable to actually try to compel management and the board to act on some of those perceived weaknesses. The Fed also criticized its own regulations, and in particular, the tailoring rules that were passed a couple of years ago, and we’ll talk about that a little bit more later. But basically, the conclusion from the Fed report was that maybe those rules aren’t as well tailored as they thought they should be, and have in fact, caused some of those banks to be exposed to risks that were outside of the boundaries of the Fed’s own risk appetite. The First Republic Bank report was drafted by the FDIC, which was the primary federal supervisor of that bank and it’s interesting. The FDIC was much less critical of itself and the reports and much less critical of the bank. It almost feels in reading that report that they were just kind of shrugging their shoulders and saying, “Well, you know, it was good all run on banks, and there’s almost no bank out there that could sustain a true run on its deposits.” Therefore, what are we going to do? They didn’t say, “Therefore, what are we going to do?” but reading between the lines, it kind of felt that way. The FDIC report was much lighter on (kind of) proactive steps that the regulator intends to take in order to ensure that the second-largest bank failure in history doesn’t happen again. So yeah, it’s something that I think we will see some reaction in the long term by the regulators. What actually surprises me overall, is that we haven’t seen a more immediate reaction. Look, it’s been since March and what has really happened between then and now (in terms of the regulatory) reaction? We’ll talk about that later during the presentation, but the short answer is not a whole lot.
Kayvan
You mentioned the US examples and simultaneously we saw the Credit Suisse collapse/takeover that just happened. Would you put that under the same umbrella of drivers that led to that? Or would you categorize that as completely different or the same?
Michael
Only in as much as it always boils down to risk management. This is where you have the dynamic between the banks, management, and advanced boards who are responsible for safety and soundness. Ultimately, you’re the institution and the regulators who are preoccupied solely with the safety and soundness of the institution. Anytime that there is a bank failure, I tell myself, “Okay, there were failures, both at the board level and management level and other regulatory levels for letting the failure happen in the first place.”
Kayvan
Absolutely. You mentioned one level was around governance. So, looking back in retrospect, from a governance perspective, what did we learn?
Michael
Anytime that there’s a bank failure, (and I remember this my days also as outside counsel), that’s when everyone picks up the phone, including bank directors. They start to ask questions about that. What is your responsibility as a director and reading between the lines? Again, what’s your liability if we fail to fulfill that responsibility? As I said earlier, the board management is ultimately tasked with ensuring the continuing safety and soundness of the institution. As a board, it is absolutely critical that the Board provides the terms, it’s a credible challenge, right? Credible challenges to management, to the decisions that management makes. From time to time, you hear about boards that effectively act as “rubber stamps” for management and there is no credible challenge. This is the type of board that would be much more subject to potential liability vis a vie shareholders vis a vie, the regulators if that bank were to fail. A good example of that would be when management periodically asked the board to kind of “move the goalposts.” Let’s say, for example, for risk tolerance, and as the bank approaches that risk tolerance, “Oh, now it’s Amber, well, we’re just going to change.” We’re going to change the tolerance. So sometimes there’s a good reason to do that, and I get it. But that is the kind of request that should be viewed with a very high degree of suspicion. Board independence, I think is also key here. What a lot of somewhat smaller institutions sometimes suffer from is a lack of independence. At the board level, the board tends to be somewhat stuck with either insiders of the bank itself, or with folks who are maybe the kind of business partners, friends, and sometimes even family of (let’s say), one of the founders of the bank, which really impairs the board’s ability to provide an independent challenge to management. In the same vein, board composition, in terms of the qualification of the board is also absolutely key. If a board is full of folks who are, I don’t know, local real estate developers sitting guys, as an example, as seen with a past client, it was all local real estate folks. They really have no idea how to actually run a bank, they don’t know how to manage a bank’s balance sheet, and they don’t know how to manage a bank risk program or a compliance program. So, it’s absolutely critical to have the right people at the board table to have that diversity of thoughts, diversity of experience, and so on. What I’ve seen as a useful tool from time to time to kind of compel that kind of inward look is the conduct of a self-assessment by the board. This is something that tends to be expected of larger institutions. It is actually part of what some of you may be aware of: the proposed rulemaking by the FDIC from just a couple of weeks ago, for banks above $10 billion dollars in assets. One of those requirements would be that boards have to conduct a periodic self-assessment. When you conduct a self-assessment, that really allows you to kind of write down on paper, where your weaknesses are as a board. Then that allows you to actually act on those. It’s also important to hold management accountable for their actions and that includes not only asking the hard questions of management but also holding management financially accountable. What I mean by that is incentive compensation and those standards ensuring that your compensation program is truly aligned with the best interests of the bank. Perhaps not exclusively based on revenue and profit making, but also maybe trying to penalize in a way (I shouldn’t use that term) but to dissent privatized management from engaging in imprudent risk-taking activities. Finally, kind of from a board standpoint, minutes are important. Maybe this is my corporate secretary hat that I’m wearing right now. There are various schools of thought about the taking of good corporate minutes. Some people think it should be very detailed and regurgitate everything that was said. I don’t think that’s the case. Some other people think it should be just one page (almost nothing) and I don’t think that should be the case either. As always, the right answer is somewhere in between. Look, I’ve talked about, for example, a credible challenge. This is exactly the kind of discussion that you would want captured in board minutes. It’s not necessary to write exactly the precise question or the precise answer, but just reflect the fact that a challenge occurred in that discussion.
Kayvan
You mentioned earlier that some of the regulators shrugging their shoulders, you know, this is just the run of the bank. Realistically, what are we seeing in terms of the reaction to mitigate future risk from a regulatory perspective? Not necessarily from rulemaking, we’ll talk about that separately. But what’s been the reaction overall?
Michael
By the way, I’m sorry. My eyes are hung up on this picture here with this scene on the right, yeah, we’ll get that out to YouTube and it’s a reference to the so-called Battle of the Wits. And there’s poison in one of those two cups of wine, and one of the guys trying to outsmart each other with respect which cup.
Kayvan
I was going to ask Ronjini, what’s the story behind it? Thank you for clarifying didn’t ask my daughter, she wasn’t sure. So, thank you. Yeah.
<laughter>
Michael
That’s about it is about risk and trying to choose from what might be the more or less risky option. In any event, and on a more serious note, I mean, look, the regulators have already made it clear that having identified what they viewed as some of the weaknesses that resulted in some of the 2023 bank failures, including especially financial risks. Which by the way, I think is a little bit of a change from what has been the regulatory story. In the prior couple of years, the focus has been a little bit more on I think, (is just my opinion here) on operational risk, business continuity, cyber, etc. Not to say those thoughts don’t continue to be extremely important. But I think the story of 2023 on the backside of those failures is that there is going to be renewed attention on financial risks. That includes, of course, liquidity risk, and interest rate risk, (which I mentioned earlier). Also, especially with what’s going on in the economy, I think there is going to be closer attention to credit risk and whether or not banks are properly managing those risks. On the liquidity risk front, the FDIC, just maybe a month, maybe two months ago, now, they issued the periodic risk with you. It’s a publication that they issued and then noted that, at least for community banks, liquid assets, as a percentage of total assets have been declining fairly steadily, throughout 2022 and continue to decline in 2023. And even though some of that is attributable to, a few kinds of dynamics that we expect, such as people are spending the TPP money and things like that. But they’re also expressing some concerns about it. I think they are going to pay quite a bit more attention to that. So that is going to result in somewhat more forceful regulatory enforcement. And there is anecdotal close that this, in fact, has started to happen in one of the trade publications just a few weeks ago. There were confidential reports because it’s all based on health and CSI, but there was there were confidential reports from some of the large regional banks that they were faced with a very large uptake, in MRA’s, is specific to financial risks in particular. So you can see that the severity of regulatory finance is increasing, and the velocity of regulatory findings is increasing, none of which, quite frankly, should come as a surprise to anyone.
Kayvan
So, oh, Sorry,
Michael
No, go for it.
Kayvan
No, I was going to say, you know at Compliance AI we obviously were tracking rules and regulations, the way you’re describing it, as you get more from one side, right, more rules and regulations, and also a stronger sense of enforcement, action enforcement tracking is to be expected.
Michael
Yeah, yeah. It’s a singles chart actually in the dashboard, and it’s kind of interesting to see the patterns there. I think, you know, there’s a reference here on the day kind of revisiting the $10 billion mark. So, you know, historically, if you were to look at the pure regulatory environment, there are actually very few regulations that reference the $10 billion mark as a specific trigger. You see it for the interchange fee tabs under the Durbin amendment, see them under some of the qualified mortgage rules, and a few other things. Right now, what it really means to cross that threshold (and it does matter) is that the institution would migrate to the continuous examination program, or as opposed to being examined only a year or every two years by the FDIC, the bank now becomes subject to having a perpetual examiner kind of designated to the institution and that they perform those kinds of risk assessments and deep dive throughout the year. Therefore, because the regulator is able to peel more layers of the onion, therefore, kind of the expectations also kind of get raised. And perhaps there’s the discovery of more issues. So that’s been the experience of many banks kind of crossing that mark. I think that what we’re going to see is enhanced expectations related to the crossing of that mark, perhaps even sooner. The FDIC has made it a theme over the last year or two, that the way they want to approach bank supervision is what they call “forward-looking supervision,” where they don’t just look at the bank, how it looks like now, but hard, it is expected to look like two years in the future growth, I see good growth. And that’s why it’s important for management to invest in good risk management. Now, even if the bank has not yet reached that mark, that was actually one of those areas of criticism. Perhaps one of those commonalities for those banks that have failed, is that the group quickly, perhaps a little too quickly, with the risk environment being quite keep up to date with that growth. So I think we’re going to see a little bit more activity on that front.
Kayvan
Yeah. And speaking of more activity, (rules and regulations) what do you think are the potential rules in the works? And what should we be looking out for in various areas?
Michael
Yeah, so, this looks pretty daunting. There’s a lot, but then there’s a punch line at the end. So a few things. First, the Fed, as I’ve mentioned earlier, based on the Feds report, related to the failure of Silicon Valley, have made it clear that they were interested in what’s been dubbed the untailoring of the enhanced prudential standards. So just to kind of go back a little bit and provide a little bit of context for everyone. So back in 2008-2009-ish Dodd-Frank Act, Section 165 requires and imposes enhanced prudential standards on holding companies with over $15 billion in assets, that kind of fast forward to 2018. The EGRCPA (I hope I got that acronym right) passed and amended the Dodd-Frank Act. Basically, what it does, is it increased from 50 to $250 billion, the thresholds for those standards, mind you, Silicon Valley Bank, for example, was under 250. So they increased the threshold to 250.
Kayvan
According to a very exclusive club, who have who is above beyond that.
Michael
Much, much, much, much narrower club of those banks that were subject to the most severe supervisory expectations. However, it did grant to the Federal Reserve the kind of discretionary authority to apply elements of those standards to banks that were of a smaller size. So as a result of that, the Fed adopted what was called the tailoring standards, which tried to take more of a risk-based approach. And that said, “Okay, well, if you are between this asset size, and that asset size,” for example, between 100, and let’s say, 150, or $200 billion, and you have to have some of those other elements, we’re going to put you in this bracket, which is subject to these requirements. And they try to, again to kind of tailor based on the risk profile, what the expectations were. That’s why as a result of those failures, we are now talking about a “un-tailoring” of those standards, or perhaps, will be better characterized as a recalibrating of those standards. We are already starting to see some of that. We started to see some of the proposals as part of the Basil three end game capital requirements that have been proposed. By the way, anytime I hear Bassel’s three-end game, I think about a big motion picture. And maybe it’s the final of the big trilogy and “Bassel three end game”, you know? So there’ll be some prequels made afterward, so don’t worry about Yes, yes, yes. So, that’s why we’re already starting to see. I think we could also see some changes to the AOCI filter. Some of that was already proposed, actually, as part of the Basel three proposals. The voaci filter, by the way, a refers to the rule that allows the bank not to include losses from available for sale securities, from their regulatory capital ratios. So many banks are able to exclude that. And as they reach kind of the larger asset sizes, Silicon Valley Bank, I think was able to exclude AOCI. And in fact that exclusion had an impact of about, I think, two percentage points on the banks to one capital ratio. I think we’ll also see additional capital or liquidity requirements for firms with certain deficiencies. I think I’ve already kind of covered that at nauseam talking about some of the some of the capitals, prudential standards. Resolution planning requirements, there is talk that the regulators will look at the existing resolution planning requirements that currently apply to G sips t(he largest banks out there), and would consider the expansion of those requirements to include perhaps the large regional banks. So a possibility to my knowledge, I don’t think I’ve seen any actual rulemaking proposed even in that regard, but I think that could be in their potential pipeline. There are talks about revisiting deposit insurance.
Kayvan
Happening even earlier, right? I’m sorry, that finally happened even earlier, like I want to say early March or April, that’s that conversation around deposit insurance, right?
Michael
Yes. Yes, yes. So a few things on that. First, of course, there was an immediate impact in terms of a special assessment that some banks will have to pay, because now we have to replenish the deposit insurance funds, it has to be replenished because the FDIC exercised their systemic risk exception, which allowed the FDIC to insure more than the $250,000 limit. In fact, they insured the entirety of the deposit balances for those for First Republic and Silicon Valley Bank. So kind of the largest scale question is kind of what does it mean? Should the FDIC consider or reconsider, under what circumstances they should exercise that kind of authority? It’s hard to say in hindsight, whether that was the right thing to do. One could argue that maybe let’s look, you have the second and third largest failure in banks in history for the US banking system. But then there was no more, I was kind of setting aside a signature being I realized there was Silvergate Bank, which was more of a liquidation. But we didn’t really see more significant contagion behind that. So maybe it did give a lot of comfort to depositors that the FDIC was able to step in. There may be also a rethinking of the $250,000 limit itself. I saw an article that talked about perhaps having a separate limit for business deposits, in particular, which I think would be a very interesting discussion. Now, all of that would require actual congressional action is beyond the powers of the regulators themselves. We have seen the issuance of an interagency policy statement on funding and liquidity risk management. They didn’t really reinvent the wheel there. If you were to read that statement, which is fairly short, it does highlight some of the kind of core principles that every bank should follow with respect to those standards. And then they reminded banks of course of the existence of the Fed discount window. I think the next two bullet points we can cover them at once. Anytime that there are bank failures, we always talk about executive compensation. I talked about the alignment of incentive comp standards, with the safety and soundness of the bank. That’s not only a board responsibility, but of course, that’s something that regulators are a bit more likely to look at. On several occasions, the regulators have kind of proposed rules to change the existing guidelines or comp standards. None of them have really kind of picked up quite yet. So we’re still waiting for more developments on that I think it will eventually happen. On the congressional front, we saw a Senate bill being proposed the Recoup Act, which would have allowed the FDIC to kind of recoup and claw back some incentive carbs from executives for failed banks. I don’t know whether it will ultimately pass. What’s kind of sad to me, Kayvan, is that of all the things Congress could do, in order to kind of add strength to the safety and soundness of the banking system. They choose to try to stick it to bank executives, which to me just feels like cheap, kind of political points, right? It kind of feels good, it feels like a win. But does it really address the issue? I would respectfully submit that it might not. The FDIC has stated in the regulatory calendar for 2023, which is getting close to an end, so I don’t know if it will actually happen. They have stated that they are planning on issuing proposed source of strength regulations. This actually dates back from the Dodd Frank Act, which requires the FDIC to issue those regulations. It’s only been over a decade but it looks like they’re actually taking that seriously. And we’ll see that coming up. You may recall that the Fed did issue some, at least one new liquidity facility for banks to draw from. I don’t remember that anything was called the bank term funding program. And it had some success and a number of banks draw on doors facilities. Not every bank wanted to I think because the I think the list was going to be made public, which gave me flashbacks from the TARP program in 2008, where a lot of banks hesitated to participate in the program because they didn’t want to be tainted with kind of government intervention. So that’s, that’s a decision for management to make. I think the big question is whether or not as that facility expires next year, will the Fed kind of replace it or either renew it or perhaps replace it with somewhat of another kind of longer term facility, again, to shore up liquidity for the bank system.
Kayvan
All the way up to today, as you were mentioning, good looking up our product on the FDIC obligations around that source of strength is another news published today from FDIC and the Fed together on that topic. Yeah, please go ahead.
Michael
Oh, wait, did it come out today?
Kayvan
Notice Just a note. It’s not an actual regulation.
Michael
So all right, you might be ahead of me. I haven’t read all my newspapers for the day yet. So. I’m glad you saw that. I’m glad you said that. So that appears definitely to be to be coming up. Bank merger reform, I think is always on the horizon. In part, because the Dodd-Frank Act requires regulators to consider the impact on the financial system when considering bank merger applications is particularly relevant to somewhat larger bank mergers. So I think there’s going to be renewed attentions by the regulators on just that. Right. And what is the risk profile of the combined institution? What will it look like and are we okay with that, from a regulatory standpoint? I think there’s going to be closer scrutiny on those bank merger applications. And then finally, I mentioned earlier the proposals, the proposal that was issued by the FDIC for banks above $10 billion. Look. In a nutshell, the FDIC had not yet issued any guidelines or proposals for kind of the larger banks out there. Unlike the Fed which has the enhanced prudential standards, the OCC has a heightened status. So the FDIC said look, we’re going to kind of look at what the Fed that we’re going to look like what the OCC did, and we’re going to borrow elements from those standards. And there’s a lot of elements from this that were in fact almost just outright copied and pasted. So from the principles-based approach, there was no surprise there right banks over $10 billion should have an independent second line of defense and a CRO that reports to the board of directors in the shadow of independent internal audit functions, and who’s what we expect from the board. But it’s going to be important to look at this row particularly closely because it is also not exactly the same as the other regulators. In some respects, it actually has higher expectations, which surprised me a little bit, still has to go through the comment period. So maybe they will walk back a few of those. At the end of the day, however, it will pass or something similar to that will pass.
Kayvan
An end of November type of thing to get the common close, they can move forward from there. Yeah, I think you’re right.
Michael
I think so. So time again, not to beat the dead horse. But the time is now for banks to kind of especially growing banks to invest in their risk management program, to try to kind of stay ahead of those risks, especially in anticipation of the passage of rules, just like this one.
Kayvan
Yeah, speaking of risk management programs, we looked at the drivers that probably led to these failures, we looked at what the regulators are looking at both retrospectively to mitigate risk and upcoming rules and regulations because we don’t have enough rules and regulations. But also, you mentioned risk management programs in the trenches looking outward from a risk management program. What should we be on the lookout for is a risk team that involves both compliance and of course, counsel as well.
Michael
Yeah, here’s what to be on the lookout for. Having lived through this one having lived through 2008 and some other banking events over my career, here’s, maybe I’ll call us for some best practices. And key takeaways. It is important when facing that magnitude of a crisis, even as a non-failing thing to establish first kind of a war room, right, where you have representatives of the various disciplines, across all the different factions, right, finance rates, regulatory, the frontline marketing, communications, and really get together in order to ensure that as a management team, you are able to get kind of a holistic look into the kind of crisis as it unfolds life. And to make sure that we have the appropriate data points that you can react on. Involving the board is extremely important as well. Bear in mind, if the bank ends up failing, a lot of people are going to have the benefit of hindsight, including the regulators, and they’re going to look at how management handled the situation, how engaged was the board of directors in trying to, you know, handle and manage the crisis? You know, the minutes again, that I was discussing earlier, continue to be very important. customer management is key. And I think perhaps a little bit underappreciated it in general, like I said earlier at the end of the day, these were just good old run-on banks. Yes. So, getting into the mindset of customers, and trying to give them the comfort that they need to stay with the institution. That’s really what it all boils down to. And there’s kind of a few tricks to do right here. Right? It’s more than just the relationship manager saying, Don’t worry, we’ll be just fine. You can manage that a little bit better. For example, banks can issue kind of talking points. That kind of highlights the strength of the bank. Also, there are products out there, for example, network deposits, that are available that allow banks to distribute uninsured deposit balances in chunks of $250,000 or less to other banks out there. Meaning that for a fee, any bank is able to provide effectively unlimited deposit insurance to their depositors. So for those who are a little more nervous about that, what a useful product, right? Deposit monitoring, is really where you need to be able to understand your deposit inflows and outflows and especially for those outflows, the why’s. Is this an outflow that’s occurring as part of the usual course of business? Or is this a customer who’s actually trying to rebalance their money in order to perhaps, perhaps, or maybe as a result of concern of certain concerns about your financial institution? So it’s really important to get out there and speak to the customers and understand what the outflow is about.
Kayvan
I have a question for you on the customer management side, they run the banks with the convenience that we can just do that run so quickly using a mobile device with a single click. Is there any move slowing it down? I mean, it sounds counterintuitive, but adding additional friction in terms of slowing that down, I know that that sort of thing is much more in place from in European banks and other institutions. But is that convenience kind of making it a little bit too easy to see what happened there? Are you seeing that kind of posture, we’re going to continue to work towards convenience, convenience, convenience is the number one objective?
Michael
Well, it’s hard to fight against convenience. Because if you don’t make things convenient for your customers, you’ll lose to the competition, right? So you need to be agile, if the competition has gone towards, you know, digital banking and you can wire the entirety, you can move the entirety of your of your account balance. You know, while you’re at a cocktail party, and you’re talking about a certain thing, having a drink. That’s, I don’t think you can fight that. I think that (and this is really one of the main takeaways from this bank failure) is that things have changed. It’s not like the movie A Beautiful Life where people like line up in front of the bank to try to get their envelope for cash and the velocity at which money can move has changed. And it’s time for banks to look at the some of the assumptions that they have in their own models, particularly liquidity risk, particularly stress testing. And we consider whether or not those assumptions are still true. I suspect there’s a lot of room for improvement there.
Kayvan
Absolutely, and social media monitoring, I guess, good luck with being able to do that on the scale that we’re seeing happening, of course, you talked about monitoring, monitoring, monitoring, and being able to another aspect, you mentioned earlier enforcement, action tracking, you know, the idea of having tech come to the rescue, or at least tech be a companion. For what you’re doing in that risk program, we’ve seen that I’m seeing, you’re probably seeing that as well, that manual approach, try to throw bodies at it and try to solve it completely manually. sounds impossible, if not super expensive, and time-consuming and not necessarily scalable. So really looking at that, you know, approaches towards the more real-time monitoring of not just risk, but also you talked about this laundry list of rules and regulations that are coming down the pipe. And of course, many of our advisors and clients are basically talking about how enforcement action tracking gives them a really good sense of where the regulators are more serious, but also gives them a chance to do regular regulatory change management through enforcement action analysis. And that sounds counterintuitive, but considering the volume of rules, it sounds like it’s a good place to start, you know, automated automation to really talk and try to understand what’s going on to improve the amount of time that it takes for you to react and understand the risk, and ultimately merging or aggregating operational risk into the overall risk profile. Michael, do you have any advice from the modernization perspective, from a tooling perspective? Do you see a regulatory lock against this type of move towards the modernizing risk management and compliance management systems?
Michael
No, I mean, I think ultimately, as a bank rolls, it becomes expected, and manual processes and fancy Excel sheets just don’t cut anymore. And, especially as those tools become kind of more readily available to banks, there is, you know, it kind of becomes a default, that banks must have to adapt as they want to grow. I do kind of want to highlight, as you mentioned, the monitoring of enforcement actions. It is one thing that I’ve learned over the years. And by the way, I didn’t really fully appreciate this when I was a baby lawyer. I thought, Who cares about enforcement action, all I care about is the rules. And if I follow the rules, I’ll be okay. And an enforcement action is just for those who break the rules. And I’m not going to break the rules. You know, how short-sighted was that? So, I’ve learned a lot over the years. But now we actually, for my institution at RISD, we definitely look very closely at what are the enforcement action trends, and it heavily weighs on our decision-making process because sometimes we see things coming much further ahead. And that puts us at an advantage, a competitive another advantage.
Kayvan
Yeah, speaking of doing things manually, you know, and that you can call with fancy Excel spreadsheets. So I wanted to take another poll and where do you stand from a tech evolution? He’s still in that manual side of the crawl, walk, run and fly spectrum, or have you already taken advantage of regulatory technology solutions to help automate both your understanding of what the regulatory changes are, how it impacts your company, what enforcement actions have been issued and what actions you need to take to mitigate risks?
<pause for Poll responses>
We have a bulletproof automation process. That would be the manifest destiny. I guess we’re everybody.
Ronjini, what’s the difference between two and three, by the way? Sounds like they look pretty good. Like, right?
Moderator
Yes. I love operating the polls. I’m sorry about that. Yeah, it’s, it would be A, B and C and D on the screen. We’re assessing reg tech solutions, but haven’t found when we like he would be having we haven’t started to integrate tech solutions into our strategy. D, we have a bullet proof automation process.
Kayvan
It seems like you’re leaning towards B Ronjini. That’s what’s going on here.
Moderator
Yes. I just want everyone to choose that. Yeah.
Kayvan
All right. All right. Yeah, you won, definitely in progress. So I would call this walk, you know, kind of like a mode. And that’s in line with what we’re hearing and seeing Michael, does this kind of fall in line with your observations as well, in terms of where companies are overall?
Michael
I think so too. I mean, look, 10 a lot of conferences, talk to a lot of colleagues across the industry. And, again, as risks evolve, and new challenges present themselves, then the solutions also evolve, and present themselves in different ways. So you know, modern problems require modern solutions. It’s really the organizations that become stuck and think, okay, mission accomplished, we’re done. And we don’t need to change anything to our program that ended up failing, maybe not now, maybe they’re right about now. Right. But then 10 years down the road when it has failed to, evolve further, that one, that’s why we see issues.
Kayvan
Start the journey as soon as possible in the set of, I guess, the timeline in the future, that makes sense. And from our side, you know, as a vendor, we’ve been assisting and serving organizations Exactly. With that realm, get a good sense of what’s going on, from a regulatory perspective, what’s coming down the pipe, be able to understand how that impacts different parts of your organization, and take the adequate actions. You just heard, Michael, did you say, baby lawyer, or did I miss here that you said when I was that that progression, it’s been very eye-opening that this is, this continues to be the number one use report by our users using our solution. And we’ve always been scratching our head under attorney said that the more we talk to a compliance officer, the more obvious it becomes at this a very good sense of intelligence and temperature reading. And of course, last but not least, simplifying the ability to report and you were talking about board be able to relay that information both upstream so that there’s transparency throughout the organization. But also, you know, we see this repeated use of the term Latin term lack of a culture of compliance within organizations by the regulators, be able to address that and show that you have a clear definition of Done. We know what’s happening. We know how it impacts us. We have a scalable change management process and be able to provide that to auditors alike. Very much looking forward to providing a demo of a solution for those who want to see it. I know we’ve had some questions Ronjini in terms of access to this content. I saw a couple of questions come by looking for ways to access this content. I guess we have this on-demand set available on the site, right?
Moderator
Yeah, absolutely. So this will be on demand probably early next week, once we get everything cleaned up and transcribed for everyone. And we can make the presentation available so people can look at the talking points as well.
Kayvan
Any other questions? Otherwise? I know we went a little bit over time. The link is going to be there to see a demo of our solution and as Ronjini mentioned access to this session on an On Demand. basis
Moderator
Yeah. Yeah. So thank you. That was kind of the end. My end comment anyway was the on-demand webinar, we’ll be sending this out to everybody who’s registered. If you guys have any questions, feel free, you can always email marketing@compliance.ai and we can get back to you with any answers we didn’t get to today. And yeah, we hope to see you guys next time.
Kayvan
want to thank Michael, that was amazing. Thank you so much for your advice and educating. Thank you so much.
Michael
Always good being here.
Moderator
Have a great week.
Regulatory Compliance
Risk Management Solution
Asif Alam
CEO & Board Member
Asif Alam is the Chief Executive Officer at Compliance.ai. A leader in shaping disruptive technology, his experience includes building products using AI and natural language processing for GRC, payments, lending, risk, trading, and new solutions, from Fortune 500 companies to startups.
In his most recent role, he served as the Chief Strategy Officer of ThoughtTrace, unlocking new revenue streams and markets, and reignite portfolio growth. ThoughTrace was then acquired by Thomson Reuters in 2021.
He brings more than 20 years of management and business experience; increasing profitability, unlocking new revenue streams and markets, and reignite portfolio growth for companies like Thomson Reuters, Crux Informatics, and Finastra. Asif is a forward-thinking expert driving engagement via client forums, public presentations, and white papers.
Cesar Lee is a Principal at WRV, a venture capital fund focused on early-stage investments in hardware, semiconductor, and other technology-related companies. Previously, he was an investment professional at Riverwood Capital, a technology-focused, late-stage venture capital, and private equity fund. He began his career at RBC Capital Markets, where he was part of the Mergers & Acquisitions group for two years and the Equity-linked & Derivatives group for one year. While at RBC, Cesar spent a majority of his time working on M&A advisory transactions for technology companies.
Cesar’s investment experience includes buyouts, later stage, early stage and seed rounds. Cesar has completed transaction in the U.S., Latin America, and Asia, and in technology sectors including data centers, software, semiconductors, consumer electronics, robotics, big data, and internet.
Maria Devassy is a RegTech, Content, and Technology leader with over 20 years of experience helping companies bridge the gap between technology, product, and business. Maria has held leadership positions with MetricStream, KPMG, Oracle Corporation, and other technology companies. She has launched several successful RegTech products, business partnerships, and advised Fortune 100 clients on risk management, audit, advisory, and compliance business across Industries.
Hugh Cadden is a recognized expert in derivative financial and trading markets including futures, options, and swaps. Hugh is currently a senior consultant and expert with OnPoint Analytics, Inc. an economic, finance and statistical consultancy specializing in expert testimony for complex litigation. He has been specializing in the organization, operation, and regulation of financial and trading markets for over 40 years. Hugh’s experience includes both the public and private sectors and he has held senior level positions with the U.S. Commodity Futures Trading Commission including serving as Director of the Division of Trading and Markets and Deputy Director of Enforcement. He has been qualified as an expert on financial and trading market matters before the Commodity Futures Trading Commission, the Securities and Exchange Commission, the U.S. Tax Court, Financial Industry Regulatory Authority, National Futures Association, American Arbitration Association and federal courts.
Drake Ross is a former bank regulator who specialized in compliance with consumer protection regulations while at the OCC, FDIC, and OTS. While at these agencies, he provided extensive training and guidance and developed materials to ensure full comprehension and proper application of rules, laws, policies, and guidance, and served as a Subject Matter Expert in numerous areas. Because of his expertise, he often presented at agency and industry events. He also played a significant role in successful windup of the 2008 IndyMac Bank failure, where because of his extensive knowledge of the FDIC deposit insurance regulations, he was called upon to administer highly-complex insurance determinations.
Carliss Chatman is an Assistant Professor of Law teaching Contracts, Agency and Unincorporated Entities, Corporations, and Transactional Skills. Her work is influenced by over two decades of service on non-profit boards and involvement with community organizations. Through leadership positions, she has developed expertise in corporate governance and non-profit regulation. She has also been instrumental in strategic planning and fundraising efforts. Prior to law teaching, Professor Chatman was a commercial litigation attorney in Houston, Texas. In practice, she focused on trial law, appeals and arbitration in pharmaceutical, health care, mass torts, product liability, as well as oil, gas, and mineral law. In addition to negotiating settlements and obtaining successful verdicts, Professor Chatman has also analyzed and drafted position statements regarding the constitutionality of statutes and the impact of statutory revisions for presentation to the Texas Legislature.
Sign me up for all regulatory updates
Get access to EITL Forum recordings
Mariam is an Operating Principal at Cota Capital. Mariam has experience providing guidance on strategic and operational planning to Venture and Growth stage companies. Prior to Cota Capital, Mariam spent her career in management consulting as a Director at KPMG. She has experience leading global transformation programs and developing innovative service offerings for Fortune 500 companies in the Technology sector. Mariam has an MBA from UCLA’s Anderson school of management with an emphasis in Finance and Entrepreneurship. She has a Bachelors in Science in Finance and a Bachelors in Science in Economics from Santa Clara University.
Chris Callison-Burch is an Associate Professor in Computer and Information Science Department at the University of Pennsylvania. His research interests include natural language understanding and crowdsourcing. He has served the Association for Computational Linguistics as the General Chair for the ACL 2017 conference, as an action editor for the Transactions of the ACL, as an editorial board member for the Computational Linguistics journal, and an officer for NAACL (the North American chapter of the ACL) and for SIGDAT (the special interest group for linguistic data and corpus-based approaches to natural language processing)
Tom Ladt is an experienced executive and investor. Tom has lead and served on the boards of several public and private companies serving highly regulated industries such as technology, healthcare, real estate, and food processing. Tom has also served in key governmental roles and on numerous community boards.
Jeroen Plink is a global executive with a proven track record of developing and growing businesses, teams, and technologies with innovation and passion. Jeroen was CEO of Practical Law US during its acquisition by Thomson Reuters. He now serves on numerous boards and acts as a strategic consultants for start-ups.
Global Legal and Compliance executive with 15+ years of success in the SaaS technology and financial services industries. Partner to the CEO and executive team in corporate transactions, business development, product expansion, and regulatory navigation during periods of intense growth and organizational change. An advocate of effective risk management that starts with sound business practices and putting the customer first.
Richard Dupree has held multiple Risk, Compliance and Operations positions at regional, national, and global financial services firms including Wells Fargo, Silicon Valley Bank, Bank of the West and BNP Paribas. Rick currently advises FinTechs and RegTechs and sits on industry panels, contributes to industry whitepapers, thought leadership efforts, and speaks at industry seminars on Risk and Compliance challenges faced by banks and FinTechs.
Brian advises clients on legal and regulatory compliance in the financial, tech, and procurement sectors. His passion is helping businesses succeed in heavily regulated environments. As counsel and trusted advisor to businesses of all sizes, and as a former regulator, policymaker, and federal official, Brian acutely understands the unintended burdens that even well-intentioned government requirements can put on innovation and business growth, as well as how to create policies that strike the right balance.
Brian served as National Ombudsman in the Obama Administration, leading the federal Office of Regulatory Enforcement Fairness in assisting hundreds of startups, entrepreneurs, and small business owners in every industry and every state.
Dr. Marsha Ershaghi Hames is Managing Director of Strategy & Development at LRN, a leader in advising and educating organizations about ethics and regulatory compliance, as well as corporate culture, governance and leadership. With the focus of inspired behavior versus required behavior, LRN is a leading voice in the industry for companies to build ethical cultures instead of “check-the-box” compliance approaches. She’s advised Department of Justice corporate monitors on successful program transformation under CIAs (Corporate Integrity Agreements. With over 20 years of experience in leading multinational ethics and compliance strategies, Marsha has become a highly sought-after thought leader on leading Corporate Compliance and Ethics practices.
Carla Carriveau is currently the Senior Managing Counsel at Wealthfront, an automatic investment service firm in Redwood City, California. Carla was previously Senior Counsel, Division of Trading and Markets, at the United States Securities and Exchange Commission. As a former regulator with over 15 years of experience in helping small businesses navigate legal and regulatory needs in the financial services sector, Carla advises Compliance.ai on financial services regulation, the regulatory landscape and industry practices.
